As far as the school I went to, there was no undergrad security, but grad school had several options. The single most important tool you can have is to know how the internet works and what the lingo is. If you have that down, you will be able to grasp the other concepts

p.s. - hackthissite.org is a decent introduction to basic online security. And its fun.

IT professionals know about networking ins and outs and how to setup up hardware in a network.

Hackers knows networking in and out as well as programming but only knows how to setup the hardware for they're needs.

Now have a look at the last couple of months all the servers that were hacked of major companies who got highly professional security firms part of their security.

But you gotta think about it. There are over 6 billion people in this world and not everyone is the same. Some are very very smart and can do something better than the person who designed it. It's a cat and mouse game. One person designs it, another changes/breaks it. Don't mess or bother the hackers, embrace them by hiring them, not sue them. They could help you out. Sony got what Sony had coming to them, what goes around comes around. A lot of the hacks were done by simple vulnerabilities rather than actual hacks. I've heard SQL Injection is a very basic vulnerability. All I know is if it can be engineered, it can be reverse engineered. Anything is possible.Edited by iKhan - 6/7/11 at 6:59pm

I just graduated with 2 degrees (like may 6th lol) Network Engineering and security and Industrial Technology. Yes I had good grades, yes I took some certs Net + Sec + A+ CCNA and I plan to do a CCNP track at some point. I hope I offer some insight to those of you who are looking to go into this career field and that are starting or going through school right now to get there.

As a piece of advice on the forefront, have an idea of what you want to do, like specialize in (for me it was security) but take every chance you get to learn everything you can, yes a lot of the information you will learn in school will be out of date when you get out, no it will not matter, its more about knowing where to look and how to understand what you see. You will go to work somewhere where they are still using windows NT and Windows XP after you graduate, even if you haven't started college yet, I know it sounds crazy but you will. Companies do not move as fast as technology and if its not broke they won't spend money to fix it.

Grades are important, they will get you an interview, but they more than likely will not get you a job. Same thing with certifications. Try to understand how things work, if you are in networking or are on a security path then you will get things drilled in your head that you will get tired of hearing, how TCP/IP works, the 7 layer protocol stack, UDP, and even stuff like x.509. Try to actually listen and know how they work not just what they do, when it comes to troubleshooting knowing where to look will do you no good unless you know the part of the process that is broken and how to tell its broken.

Do not tell yourself "I don't care about how kerberos works, or programing, or the software side of things" because I am going to do networking not PC repair and software repair. In order for a PC to get on a network some software has to send information down the stack, and if it can't talk to the other side you have to find out why, at least learn the basics, this lesson I learned the hard way, the first thing I have done after school it study for M$ certifications, not for the certs, but so I can know and understand how the traffic works when a user doesn't get authenticated by Active Directory or it says the Domain controller isn't available.

I can't promise I will check this thread every day, but through school I have learned a lot from other peoples problems (like right here on these forums) and I plan to check in this section often to try to use what I have learned to help others, to teach others, and to keep my own skills up to par. Please ask questions and hopefully I will be able to answer and help you decide what would be best for you.

If you want to work for a fortune 500 company and have a career in the real sense you need to go to a reputable 4 year college with a great Computer Science department. In your 2rd year you'll need to start writing letters to human resource departments and spend your weekends doing projects for community organizations (boy and girls club, etc) writing code, to show community outreach, etc. By your 3rd year you should be tracking or on pace of doing 20 hours a week as an intern for one of the 100+ (ebay, amazon, Intel, Starbucks, etc) companies that you have been writing essays to. The rest is up to you to make impressions, and contacts because you'll use them..

The other way is to do what the 85% do. Get a low level support job, gain experience, get certifications, work harder, get paid ****, get **** on, wonder how the hell your engineers with half the wit and inteligence have their job. Rinse/repeat for 5 years.

My suggestion. Go to a "good" University, one that places in the top 25 for their CS department. If that's not a possibility then go get your entry level certs (A+ CompTA) land yourself a help desk position, work it for three years. Then go after your mid level certs (CCNA, Juniper, MCITP) and land an NOC possition, work it for 3 years while getting your professional level certs (CCNP, MCITP:EA) and specializations like OSCP, CEH, etc. 6 years experience + certs = $65k

But you gotta think about it. There are over 6 billion people in this world and not everyone is the same. Some are very very smart and can do something better than the person who designed it. It's a cat and mouse game. One person designs it, another changes/breaks it. Don't mess or bother the hackers, embrace them by hiring them, not sue them. They could help you out. Sony got what Sony had coming to them, what goes around comes around. A lot of the hacks were done by simple vulnerabilities rather than actual hacks. I've heard SQL Injection is a very basic vulnerability. All I know is if it can be engineered, it can be reverse engineered. Anything is possible.

sony? Sony is nothing. Did you know RSA security got nailed as well? That's how they got into Boeing systems using the stolen keys. I mean if they can make a fool out RSA then they will make a fool out of everyone

I really cannot thank some of you for your informative and inspiring posts! This is why I will always love and thank this forum for the knowledge it has granted me with over the past few years.

So from most of the informative posts I have gathered the following.

1. Have an idea of what you want to do when you get to college.

Perfect. I already do. I want to be more into the security aspect of things (viruses, malware, you name it).

2. Even if you have your mind set on what you want to do, do not take that for granted. Learn everything you can to better improve your knowledge and possible career path. Don't settle for less if you can go for more.

Perfect, I am absolutely fine with that and I want nothing more than to LEARN about computers/computer science.

3. Don't expect to dive right into the career. Work my way from the bottom. Get certified in various areas and work from there.

Absolutely fine, you have to start somewhere. And it's something I will not mind, because I really want this.

I really cannot thank some of you for your informative and inspiring posts! This is why I will always love and thank this forum for the knowledge it has granted me with over the past few years.

So from most of the informative posts I have gathered the following.

1. Have an idea of what you want to do when you get to college.

Perfect. I already do. I want to be more into the security aspect of things (viruses, malware, you name it).

2. Even if you have your mind set on what you want to do, do not take that for granted. Learn everything you can to better improve your knowledge and possible career path. Don't settle for less if you can go for more.

Perfect, I am absolutely fine with that and I want nothing more than to LEARN about computers/computer science.

3. Don't expect to dive right into the career. Work my way from the bottom. Get certified in various areas and work from there.

Absolutely fine, you have to start somewhere. And it's something I will not mind, because I really want this.

the broader you knowledge the better. Going into one field most people stop there. Don't. It cost nothing to learn other fields in security as well. It will help overall. If you know programming and networking then you got a huge advantage